Perform Network Search

POST /search

Perform a search against flow logs with an RQL query.

This endpoint ignores the body param default.

Download Network Search CSV

In addition to performing a network search, this API can perform the network search and download the results as a CSV file. To download the network search CSV, add the request HTTP header Accept: text/csv.

An example request body is:

{
  "cloudType": "",
  "id":"",
  "name":"",
  "description:"",
  "saved":false,
  "default":false,
  "query": "",
    "timeRange": {
      "type": "",
      "value": ""
    }
}

Request

application/json; charset=UTF-8

Body

required

Search model

cloudType string

Possible values: [aws, azure, gcp, alibaba_cloud, oci]

Cloud Type

id string

Search ID

name string

Search Name

description string

Search Description

saved boolean

Search Exists

timeRange objectrequired

Model for TimeRangeConfig

type string

Possible values: [relative]

Time type

value object

Model for RelativeTimeDuration

unit string

Possible values: [minute, hour, day, week, month, year]

Time unit

amount int32

Number of time units

query stringrequired

RQL Query

default boolean

Responses

success

application/json; charset=UTF-8

Schema
Example (from schema)

Schema

groupBy string[]

Group By

filters object[]

View Order

Array [

name string

Name

value string

Value

operator string

Possible values: [=]

Operator

]

timeGranularity string

Time Granularity

alertId string

Alert ID

cloudType string

Possible values: [aws, azure, gcp, alibaba_cloud, oci]

Cloud Type

id string

Search ID

name string

Search Name

description string

Search Description

searchType string

Possible values: [network, audit_event, config, asset]

Search Type

asyncResultUrl string

Async Result Url

saved boolean

Search Exists

timeRange objectrequired

Model for TimeRangeConfig

type string

Possible values: [relative]

Time type

value object

Model for RelativeTimeDuration

unit string

Possible values: [minute, hour, day, week, month, year]

Time unit

amount int32

Number of time units

query stringrequired

RQL Query

cursor int32

Cursor

data object

object

default boolean

async boolean

true = Is Async

{
  "groupBy": [
    "string"
  ],
  "filters": [
    {
      "name": "string",
      "value": "string",
      "operator": "="
    }
  ],
  "timeGranularity": "string",
  "alertId": "string",
  "cloudType": "aws",
  "id": "string",
  "name": "string",
  "description": "string",
  "searchType": "network",
  "asyncResultUrl": "/search/config/jobs/2df49d4f72e842b582b123bc2b7826b3/download",
  "saved": true,
  "timeRange": {
    "type": "relative",
    "value": {
      "unit": "minute",
      "amount": 0
    }
  },
  "query": "string",
  "cursor": 0,
  "data": {},
  "default": true,
  "async": true
}

Perform Network Search

/search

Download Network Search CSV​

Request​

Body

Responses​

Download Network Search CSV

Request

Responses